As if we didn't have enough to worry about with a steady increase in cybercrime, cyberwarfare is coming to your Gmail account. Unfortunately, this is not an
exaggeration. In a blog post this week, Google’s Vice President of Security Engineering announced
that their Gmail client will now alert users when their account is threatened
by a state-sponsored attack.
Grosse emphasized in the blog post that receiving a warning
does not necessarily mean that your account has been compromised. Rather, it
means that Google believes a malicious agent working for a government is trying
to access your account through methods including phishing or redirects to
malicious websites.
Here are some things you should do immediately: create a unique password that has a good mix of capital and lowercase letters, as well punctuation marks and numbers; enable 2-step verification as additional security; and update your browser, operating system, plugins, and document editors. [Google]
The blog post said that while Google will not reveal what
criteria or evidence will be used to determine whether an attacker is a typical
cybercriminal or a state-sponsored organization, it should be noted that
attacks perpetrated by states tend to target specific individuals or companies
in attempts to acquire sensitive information. Typical phishing attempts tend to
use broader brush strokes, attacking anyone who might be vulnerable.
Although it might be slightly unsettling to see state-level
espionage brought to the user level, this is not the first time Google has
sparred with national governments. In 2010 Google threatened to pull out of China entirely after a massive Chinese
state-sponsored attack targeted dissidents’ Gmail accounts.
No comments:
Post a Comment